keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-05-28 04:13:22 -04:00

Author	SHA1	Message	Date
Pedro Ruivo	9430a3f928	Add CLI option for tx and migration timeout Closes #19453 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2026-02-27 16:11:18 +00:00
Marie Daly	193a423571	invalid_grant errors now return HTTP 400 (#46528 ) Closes #45812 Signed-off-by: Marie Daly <marie.daly1@ibm.com> Signed-off-by: Marie Daly <mdaly@redhat.com> Co-authored-by: Ricardo Martin <rmartinc@redhat.com>	2026-02-25 18:03:36 +01:00
Pedro Ruivo	be175346cd	Aggregate client-id field for improved Infinispan query Closes #46471 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2026-02-23 16:43:23 +01:00
Ricardo Martin	4f90ef67f6	Limit the inflating size for the SAML redirect binding Closes #46372 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-17 18:40:11 +00:00
Michal Vavřík	8e816f749c	feat: Update container images to use OpenJDK 25 (#46386 ) This PR is mostly based on `303446b465`. Additionally, I made few tweaks to documentation and introduce a doc variable for the recommended Java version so limit required changing when migrating the recommended JDK version. * Closes: https://github.com/keycloak/keycloak/issues/45830 Signed-off-by: Michal Vavřík <michal.vavrik@aol.com>	2026-02-17 15:35:46 +01:00
Pedro Ruivo	d04d833ec5	Update external Infinispan metrics documentation Closes #46390 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-02-17 10:34:17 +00:00
Ruchika Jha	f92c27e26d	Make rolling updates for patch releases fully supported and Updated docs, release notes and upgrading guide for zero-downtime patch releases Closes #45381 Closes #45756 Signed-off-by: Ruchika <ruchika.jha1@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-02-16 15:11:16 +00:00
Ruchika Jha	e82e107b85	Enable graceful HTTP shutdown and document default behavior Closes #43589 Signed-off-by: Ruchika <ruchika.jha1@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-02-13 14:28:49 +00:00
Ricardo Martin	bef8f7f0fd	Move upgrading note for the serverinfo to 26.5.4 Closes #46267 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-12 14:50:45 +01:00
Marie Daly	7d6108d4b9	Redirect Wildcard changes and more https checks to secure-client-executor (#46082 ) Closes #45587 Signed-off-by: Marie Daly <marie.daly1@ibm.com>	2026-02-10 13:00:06 +01:00
rmartinc	d701329f49	Move upgrading note for SAML to 26.5.4 Closes #46150 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-10 11:01:45 +01:00
Ricardo Martin	f0381f8482	Check SubjectConfirmationData element for bearer type Closes #45646 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-10 08:20:17 +01:00
Pedro Ruivo	02c6499d96	Deprecate unused methods in UserSessionProvider Closes #45823 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2026-02-06 19:04:19 +01:00
rmartinc	69fabcf902	Documentation changes to deprecate Token Exchange V1 Closes #45792 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-05 17:32:04 +01:00
Martin Bartoš	3e568fc81b	OTEL: Use suggested 'code.function.name' for span attributes Closes #45944 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2026-02-03 15:56:48 +01:00
rmartinc	d4e9b16ea9	Include version in system-info for manage-realm and restrict view-system mapping Closes #45776 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-02-02 12:40:57 +01:00
Pedro Ruivo	bae3963d25	Refactor SessionsResource for better memory usage and performance Closes #45727 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-29 11:38:54 +01:00
Pedro Igor	b9243a7270	Only enable JS policies if the scripts feature is enabled Closes #44132 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2026-01-28 12:28:32 +01:00
Steven Hawkins	38b5466093	fix: aligns our dev http-host default behavior with that of quarkus (#45691 ) closes: #42876 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com>	2026-01-27 16:51:47 +01:00
Steven Hawkins	77704a91b6	fix: adding support for xforwarded prefix (#45699 ) closes: #35298 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2026-01-26 18:14:54 +01:00
Pedro Ruivo	2f4f36eabc	Add realm id column to offline_client_session table Closes #44424 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2026-01-23 16:28:34 +01:00
Alexander Schwartz	e278a2f6fd	Changing default clock skew for not-issued-before to 10 seconds Closes #45620 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-22 19:11:10 +01:00
Martin Bartoš	57f0b15c80	OTEL: Add Telemetry options to Keycloak CR (#45397 ) * OTEL: Add Telemetry options to Keycloak CR Closes #45348 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> * Add validation to resource attributes Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Avoid unnecessary warning logs during the operator tests execution Closes #45623 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/documentation/upgrading/topics/changes/changes-26_6_0.adoc Signed-off-by: Václav Muzikář <vaclav@muzikari.cz> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2026-01-22 16:02:06 +00:00
Nate Drake	139de283cc	Add missing space to fix markdown code rendering (#45621 ) Signed-off-by: Nate Drake <ndrake@gmail.com>	2026-01-22 15:59:24 +01:00
rmartinc	7e20b87136	Add abstract property for themes and do not display base for selection Closes #41924 Signed-off-by: rmartinc <rmartinc@redhat.com>	2026-01-21 15:42:52 +01:00
Alexander Schwartz	cc8947a060	Keycloak should not allow matrix parameters in URLs as we don't use them Closes #45533 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-20 19:45:02 -03:00
Martin Bartoš	137a35c110	Mask certain HTTP headers and cookies in the HTTP access log (#45400 ) * Mask certain HTTP headers and cookies in the HTTP access log Closes #43811 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> * Improve tests, Improve docs Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Fix test Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2026-01-19 19:01:45 +01:00
Alexander Schwartz	391593cfa7	Implement asynchronous logging when called from nonblocking threads Closes #45015 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2026-01-15 09:20:34 -03:00
mposolda	1273c8db0e	DCR endpoint ignores client's requested token_endpoint_auth_method in case it is client_secret_post closes #44403 Signed-off-by: mposolda <mposolda@gmail.com>	2026-01-12 09:54:04 +01:00
Ryan Emerson	f8b114bdd8	Add indexes to BROKER_LINK table Closes #45009 Signed-off-by: Ryan Emerson <remerson@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-09 16:09:40 +00:00
Alexander Schwartz	234526761e	Fix section level in 26.5 migration guide Closes #45184 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2026-01-07 07:54:06 -03:00
Alexander Schwartz	e43cf55028	Finalizing 26.5 release notes Closes #45131 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Stian Thorgersen <stian@redhat.com>	2026-01-05 14:10:32 +01:00
Alexander Schwartz	a6bf194487	Remove usage of kcSanitize() to avoid printing HTML (#44755 ) Some checks are pending Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run Details Closes #44753 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-05 10:45:32 +01:00
Ryan Emerson	cafa1a86eb	Disable state transfer for session caches when persistent sessions are enabled Closes #44518 Signed-off-by: Ryan Emerson <remerson@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-05 08:53:59 +00:00
Ruchika Jha	60b369c622	Validate client session timeout and lifetime settings on realm settings edit Closes #44910 Signed-off-by: Ruchika <Ruchika.Jha1@ibm.com> Signed-off-by: Ryan Emerson <remerson@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Ryan Emerson <remerson@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-05 08:50:56 +00:00
Stian Thorgersen	f2c527239d	Update JNDI reference in LDAP referrals documentation (#45129 ) Clarified the term 'JNDI' in the LDAP referrals section. Closes #45040	2026-01-05 09:01:40 +01:00
Robin Meese	0d0d468f27	Add ability to delete offline sessions via account console Closes #15502 Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2026-01-05 08:26:47 +01:00
Christian Ja	374e45b883	Use default locale from realm an intermediate fallback closes #40990 Signed-off-by: Christian Janker <christian.janker@gmx.at> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-01 14:23:33 +00:00
Robin Meese	35ee49b5d4	Add logout event to UserSessionLimitsAuthenticator Closes #44843 Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2026-01-01 13:22:54 +00:00
Robin Meese	0957572751	Add logout event to SessionResource Closes #44842 Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-12-29 12:25:45 +00:00
Sebastian Łaskawiec	9597537bf3	Additional fields for the Welcome Resource (#44758 ) * Additional fields added to the Welcome Page Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com> * Updated the order of fields Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com> --------- Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>	2025-12-17 13:11:44 +01:00
Martin Kanis	012cefb654	The existence of an organization attribute called id is not validated Closes #44522 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-12-17 08:05:32 -03:00
Steven Hawkins	148d14816c	fix: allowing settable connection request timeout (#44592 ) Some checks are pending Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run Details also defaulting to 5000 closes: #44500 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-12-16 16:35:01 +00:00
Ruchika Jha	26fe8dc7d8	Added validation for client session timeout post comparing the realm session timeouts Closes #41019 Signed-off-by: ruchikajha95 <Ruchika.Jha1@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-12-11 13:58:04 +01:00
Martin Bartoš	8def691053	[OTel] Provide general options for telemetry settings (#41705 ) * [OTel] Provide general options for telemetry settings Closes #41263 Co-authored-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/observability/telemetry.adoc Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Provide release notes and deprecation note Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Ignore link to the telemetry guide for now Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Ryan Emerson <remerson@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2025-12-10 12:03:46 +00:00
Christian Glasmachers	921b10ee80	Login failure cache: Evict entries after the configured failure reset time Closes #44801 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Christian Glasmachers <Christian.Glasmachers-extern@deutschebahn.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-12-10 11:20:19 +01:00
vramik	5dbc91e028	Deprecate Fine-Grained Admin Permissions v1 Closes #44121 Signed-off-by: vramik <vramik@redhat.com>	2025-12-08 10:26:27 -03:00
Alexander Schwartz	2f81a2fb76	Updating and ordering the release notes Closes #44706 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-12-08 10:55:33 +01:00
Sebastian Schuster	b5178a2bec	Added section on recommended isolation level to db guides Closes #44611 Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-12-05 14:48:31 +01:00
forkimenjeckayang	4dd68c0316	[OID4VCI] Conformance Test Fixes (#44439 ) closes #44659 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-04 09:03:38 +01:00

1 2 3 4 5 ...

426 commits